I understand that you want to write a resource policy that grants least privilege to federated users.
Creating IAM policies that grant least privilege is one of the best security practices when creating an IAM role. You can view the condition operators for Amazon Resource Names (ARNs) in the attached document. The condition operator that you can use in a policy depends on the condition key you choose.
Please see the attached document for reference identifiers.
I hope this helps.